Staff Engineer, Endpoint Security

<h2><strong>About Nscale</strong></h2> <p>Nscale is the GPU cloud engineered for AI. We provide cost-effective, high-performance infrastructure for AI start-ups and large enterprise customers. Nscale enables AI-focused companies to achieve superior results by reducing the complexity of AI development. Our GPU cloud bolsters technical capabilities and directly supports strategic business outcomes, including cost management, rapid innovation, and environmental responsibility.</p> <p>We thrive on a culture of relentless innovation, ownership, and accountability, where every team member takes pride in their work and drives it with excellence and urgency. As an Nscaler, you’ll build trust through openness and transparency, where everyone is inspired to do their best work. If you join our team, you’ll be contributing to building the technology that powers the future.</p> <h2><strong>About the Role</strong></h2> <p>We’re hiring a Staff Security Engineer focused on Endpoint and Device Security to build and operate the endpoint and device security foundation for Nscale employees, engineers, data center staff, and privileged operators.</p> <p>This is a hands-on engineering role centered on turning endpoint security from a collection of tools and policies into a measurable operating model. You’ll work across employee laptops and workstations, engineering endpoints, privileged admin devices, and site-support devices, partnering closely with IT, Identity, Infrastructure, Security Operations, Legal, Privacy, and business stakeholders to design controls that are secure, reliable, and workable in practice.</p> <p>This role is critical because endpoint and device security is one of the fastest ways to reduce enterprise risk without slowing the business down. Your work will drive stronger managed-device coverage, hardened baselines, local admin reduction, healthier telemetry, and clearer evidence that device risk is going down across the organization.</p> <h2><strong>What you'll be doing</strong></h2> <p><strong>Architecture &amp; Standards</strong></p> <ul> <li><strong>Own</strong> endpoint and device security architecture across employee devices, engineering workstations, privileged admin devices, and site-support endpoints.</li> <li><strong>Define</strong> secure baseline standards for operating systems, browsers, disk encryption, host firewalls, endpoint telemetry, and configuration hardening.</li> <li><strong>Develop</strong> practical device standards for remote workers, office users, data center staff, contractors, and high-risk user populations.</li> </ul> <p><strong>Access &amp; Security Integration</strong></p> <ul> <li><strong>Establish</strong> device posture requirements for access to enterprise applications, production systems, privileged workflows, and sensitive data.</li> <li><strong>Integrate</strong> endpoint posture with identity, privileged access, vulnerability management, and detection workflows.</li> <li><strong>Partner</strong> with Identity and Privileged Access teams to support high-risk application and production access decisions.</li> </ul> <p><strong>Privilege Reduction &amp; Endpoint Operations</strong></p> <ul> <li><strong>Drive</strong> local admin reduction and controlled elevation patterns that reduce risk without creating operational dead ends.</li> <li><strong>Lead</strong> endpoint rollout readiness, including deployment sequencing, exception handling, user communication, rollback planning, and adoption metrics.</li> <li><strong>Create</strong> an exception model with clear ownership, risk documentation, compensating controls, expiry, and review cadence.</li> </ul> <p><strong>Telemetry, Evidence &amp; Reporting</strong></p> <ul> <li><strong>Define</strong> endpoint telemetry requirements to support investigations, detection engineering, audit evidence, and executive reporting.</li> <li><strong>Build</strong> visibility into device security posture through dashboards covering coverage, stale devices, unmanaged endpoints, local admin status, and telemetry health.</li> <li><strong>Measure</strong> progress through metrics such as coverage, unmanaged devices, local admin reduction, hardening compliance, and endpoint detection health.</li> </ul> <h2><strong>KPIs</strong></h2> <ul> <li>Managed device coverage</li> <li>Reduction in stale and unmanaged endpoints</li> <li>Local admin reduction</li> <li>Hardening compliance and endpoint detection health</li> </ul> <h2><strong>About You</strong></h2> <ul> <li><strong>7+ years</strong> in endpoint security, device management, enterprise security engineering, infrastructure security, or related engineering roles</li> <li>Hands-on experience securing <strong>Windows, macOS, and/or Linux</strong> endpoints in enterprise environments</li> <li>Experience with device management, endpoint detection, OS hardening, disk encryption, browser security, host firewalls, and endpoint telemetry</li> <li>Experience reducing standing local admin privileges or implementing controlled elevation models</li> <li>Strong scripting, automation, packaging, configuration, or endpoint workflow engineering skills</li> <li>Ability to balance strong endpoint controls with user experience, operational reliability, and business velocity</li> <li>Experience partnering with IT, identity, infrastructure, security operations, legal, privacy, and business stakeholders</li> <li>Experience securing high-risk engineering populations, data center support teams, privileged administrators, or remote-first workforces</li> <li>Experience using device posture in conditional access, privileged access, or production access decisions</li> <li>Experience producing audit-ready evidence for device controls and endpoint security posture</li> </ul> <h2><strong>What we can offer you</strong></h2> <p>At Nscale, you'll find a collaborative, supportive, and innovative environment where your contributions spark real impact. We're building something extraordinary, and we want you at the core.</p> <ul> <li>Highly competitive US compensation package (base + bonus + equity), with performance reviews every 12 months. 🚀</li> <li>Join one of the fastest-growing AI infrastructure companies — your chance to directly shape how global AI capacity is planned and deployed. ✨</li> <li>Expect a dynamic progression plan tailored to your ambitions. Grow by leading critical cross-functional initiatives and shaping capital strategy — always with our full support.</li> <li>Human-First Flexibility: We treat you as humans first. 🫶🏽 Our flexible workplace trusts Nscalers to deliver, giving you the autonomy to shape your day around life's moments.</li> </ul> <h2><strong>Equal Opportunities Statement</strong></h2> <p>We strongly encourage applications from people of colour, the LGBTQ+ community, people with disabilities, neurodivergent people, parents, carers, and people from lower socio-economic backgrounds.</p> <p>If there’s anything we can do to accommodate your specific situation, please let us know.</p> <p>The responsibilities outlined in this job description are not exhaustive and are intended to provide a general overview of the position. The employee may be required to perform additional duties, tasks, and responsibilities as assigned by management, consistent with the skills and qualifications required for the role.</p> <p>For information on how Nscale handles candidate personal data, please see our Employee &amp; Candidate Privacy Notice: Here.</p> <h2><strong>Salary Range</strong></h2> <p>The range below reflects the base salary for the position. Actual compensation may vary based on job-related factors such as skill set, experience, education, and location. In addition to base salary, this role may be eligible for bonus, equity, and/or commission programs. Nscale may offer a competitive benefits package including medical, dental, vision, flexible paid time off, parental leave, and retirement plan participation.</p><div class="content-pay-transparency"><div class="pay-input"><div class="description"><p>The range below reflects the base salary for the position. Actual compensation may vary based on job-related factors such as skill set, experience, education, and location. In addition to base salary, this role may be eligible for bonus, equity, and/or commission programs. Nscale may offer a competitive benefits package including medical, dental, vision, flexible paid time off, parental leave, and retirement plan participation.</p></div><div class="title">Salary Range</div><div class="pay-range"><span>$175,000</span><span class="divider">&mdash;</span><span>$225,000 USD</span></div></div></div><div class="content-conclusion"><p><em>For information on how Nscale handles candidate personal data, please see our Employee &amp; Candidate Privacy Notice:&nbsp;<a href="https://drive.google.com/file/d/1QK5Yg04WHD9K9IAtJgQWubJZC9oLvatK/view?usp=sharing" target="_blank" data-saferedirecturl="https://www.google.com/url?q=https://drive.google.com/file/d/1QK5Yg04WHD9K9IAtJgQWubJZC9oLvatK/view?usp%3Dsharing&amp;source=gmail&amp;ust=1765375172804000&amp;usg=AOvVaw2Ncte4rmlGl8OKuFuDgDtx">Here.</a></em></p></div>